Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Market-Changing Research Reveals Link Between Strong Cybersecurity and Stock Price](/sites/default/files/styles/4_3_small/public/migration/images/Screen%2520Shot%25202020-10-05%2520at%25204.45.59%2520PM_1.png.webp?itok=Rn5bpNED)
One of the biggest questions in cybersecurity now has an answer… and the implications are significant for investors, policymakers, corporate executives, and cybersecurity professionals alike.
![3 Software Tools Transforming the Vendor Selection Process](/sites/default/files/styles/4_3_small/public/migration/images/3_Software_Tools_Transforming_the_Vendor_Selection_Process_1.jpeg.webp?itok=wKLCgF24)
The world of procurement has been fundamentally changed by the introduction of technology. Source-to-pay software has brought digital workflows and automation to time-consuming processes like creating RFPs, managing contracts, and remitting payments.
![Automated vendor risk assessment program](/sites/default/files/styles/4_3_small/public/2023/03/13/Automated%20Vendor%20Risk%20Assessment%2C%20SIZED.jpg.webp?itok=3Lq_qH-m)
Using automated vendor risk assessment capabilities and tools, you can eliminate manual processes, scale your VRM program, and quickly mitigate risk.
![Cybersecurity Audit vs. Cybersecurity Assessment](/sites/default/files/styles/4_3_small/public/migration/images/Cybersecurity_Audit_Vs_Cybersecurity_Assessment_Which_Do_You_Need__-_thumb_1.jpg.webp?itok=BMBhp7aQ)
Whether you’re a security leader asked by the board to facilitate a cybersecurity audit, or a member of the board planning to request one, it’s crucial to know what a cybersecurity audit is and what it isn’t. You need to know precisely what is being asked for to make sure the right information is collected.
![How To Build a Trusted Cybersecurity Program](/sites/default/files/styles/4_3_small/public/2023/06/22/How%20To%20Build%20a%20Trusted%20Cybersecurity%20Program.jpg.webp?itok=RgZtJKdj)
Enterprises tend to take their time with remediation efforts, despite software vulnerabilities being a top threat to organizations’ cybersecurity performance. The key to quicker fixes? Timely briefings.
![a man sits at his desk reading reports on several monitors to help detect shadow it](/sites/default/files/styles/4_3_small/public/2024/01/27/How-to-Detect-Shadow-IT_Image%20%281%29.png.webp?itok=_piDra7C)
Learn how to discover shadow IT with tools like network audits and CASB tools, and how to train staff to identify and manage hidden tech risks effectively.
![3 Steps Government Policymakers Can Take to Reduce Critical Infrastructure Cyber Attacks](/sites/default/files/styles/4_3_small/public/2023/12/20/3%20Steps%20Government%20Policymakers%20Can%20Take%20to%20Reduce%20Critical%20Infrastructure%20Cyber%20Attacks.jpg.webp?itok=LtX6kLqo)
Here's what policymakers can do to reduce cyber risks associated with exposed industrial control systems.
![Third-party ecosystem automation](/sites/default/files/styles/4_3_small/public/2022/12/02/Third-Party%20Ecosystem%2C%20SIZED.jpg.webp?itok=Mv5_k3uj)
Learn how to automate cyber risk management across your third-party ecosystem from onboarding through the life of the relationship.
![a high, medium and low dial representing third part risk; a hand turns down the dial](/sites/default/files/styles/4_3_small/public/2024/01/22/Addressing-Third-Party-Risk-2024.jpg.webp?itok=t3ll8HZA)
Explore key insights and findings from a Bitsight/Google study on cybersecurity vulnerabilities in vendor relations, including strategies for effective third-party risk management.
![mitre system of trust](/sites/default/files/styles/4_3_small/public/2023/05/29/mitre%20system%20of%20trust.jpeg.webp?itok=-JjFmAtt)
Learn how the System of Trust framework can help you understand and address supply chain risks.
![Mapping digital footprint](/sites/default/files/styles/4_3_small/public/2022/01/31/Map%20Digital%20Footprint%2C%20Sized.jpg.webp?itok=odikNyvb)
Consider these three best practices for mapping your digital footprint and using these insights to better assess cyber risk and drive continuous improvement in your security program.
![digital risk monitoring, attack surface, continuous monitoring](/sites/default/files/styles/4_3_small/public/2022/07/21/digital%20risk%20monitoring%20sized.jpg.webp?itok=MqUKs2UN)
Give your security teams critical digital risk monitoring tools to discover, prioritize, and remediate risk across the expanding attack surface.
![Cyber Resilience Metrics](/sites/default/files/styles/4_3_small/public/2022/05/24/Cyber%20Resilience%20Metrics.jpg.webp?itok=kbz4TaC8)
To improve cyber resilience, you must first measure it. Learn the 4 metrics to track to gain insights into your cybersecurity posture.
![4 Common Retail Security Threats (and How to Stop Them)](/sites/default/files/styles/4_3_small/public/migration/images/2.%2520retail%2520gift%2520card_1.jpg.webp?itok=gl24d1uS)
The retail industry has always been a favorite target of cyber criminals. We all remember major data breaches like those that affected Target, TJX, and Home Depot — but the truth is that retail security threats have been a daily concern of retailers for a long time.
![5 Essential Elements of a Municipal Cyber Security Plan](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1869191218.jpg.webp?itok=IOSHTpoi)
Cyberattacks on state and local governments are on the rise. In 2020, more than 100 government agencies, including municipalities, were targeted with ransomware – an increasingly popular attack vector.